Category Malware & Exploits

WhatsApp 0-Day Exploited in Attacks on iOS and macOS Users

WhatsApp has patched a critical 0-day vulnerability actively exploited against iOS and macOS users. The flaw, tracked as CVE-2025-55177, enabled attackers to deploy zero-click spyware capable of stealing sensitive data without any user interaction. Meta, WhatsApp’s parent company, confirmed that the bug was exploited in targeted attacks against “specific users”…

TamperedChef Infostealer Spread via Fraudulent PDF Editor Ads

Security researchers have uncovered a large-scale malware campaign distributing an infostealer dubbed TamperedChef through fake PDF editing applications. The campaign relied on Google ads to drive victims to fraudulent websites hosting malicious downloads, blending legitimate branding with carefully timed activation of hidden payloads. How the Campaign Works According to researchers,…

Malicious NPM Packages Stole Chrome User Data on Windows

Security analysts from JFrog have identified eight malicious NPM packages designed to steal sensitive information from Google Chrome users on Windows systems. The discovery highlights a growing risk in the software supply chain, where attackers weaponize widely used developer tools to target unsuspecting users. How the Attack Worked JFrog researchers…

Fake Facebook Ads Push Brokewell Spyware to Android Users

Security researchers have uncovered a Facebook malvertising campaign spreading Brokewell spyware to Android devices. The campaign uses fake TradingView ads to lure victims into downloading a trojanized app, which then steals cryptocurrency wallet details, personal data, and other sensitive information. How the Malware Works According to researchers, attackers cloned TradingView…

macOS Supply Chain Attack “s1ngularity” Steals Thousands of Developer Credentials

Security researchers uncovered a supply chain attack targeting macOS developers that compromised thousands of credentials. The campaign, dubbed “s1ngularity,” exploited versions 20.9.0 to 21.8.0 of Nx, a popular open-source build framework, according to analysis from GitGuardian. The breach highlights the growing overlap between macOS attacks and the broader ecosystem of…

AgentFlayer Exploit Targets ChatGPT Connectors to Steal Third-Party App Data

Security researchers just dropped a bombshell about ChatGPT’s newest feature – the AgentFlayer exploit can silently steal your sensitive data from Google Drive, SharePoint, and other connected services without you even knowing it happened. This zero-click attack uses “poisoned” documents loaded with hidden prompt injections that trick ChatGPT into exfiltrating…

Chaos RaaS Emerges After BlackSuit Takedown, Demanding $300K from U.S. Victims

The Chaos RaaS operation has emerged from the ashes of the BlackSuit ransomware takedown, with former gang members launching a fresh wave of attacks targeting American businesses. Law enforcement’s seizure of BlackSuit’s dark web infrastructure didn’t eliminate the threat – it just forced these cybercriminals to rebrand and adapt their…

Scattered Spider Attack Targets VMware ESXi with Ransomware

Google’s threat intelligence team dropped alarming details this week about a massive Scattered Spider attack campaign targeting VMware ESXi hypervisors across American corporate networks. The notorious cybercriminal group has been systematically launching ransomware attacks against retail chains, airlines, and insurance companies, using nothing more than smooth-talking phone calls to IT…

Gunra Ransomware Mimics Conti in Global Windows Attacks

Gunra ransomware has drawn the attention of cybersecurity researchers for its alarming resemblance to Conti, a now-defunct ransomware-as-a-service (RaaS) operation dismantled in 2022. Experts believe Gunra’s developers may be repurposing Conti’s leaked codebase, long circulated across cybercrime forums. Its behavior—automated encryption, shadow copy deletion, and nearly identical ransom notes—mirrors Conti’s…
